ESOA-2004-UlieruSpringer

advertisement
Adaptive Information Infrastructures for the e-Society
Mihaela Ulieru
Electrical and Computer Engineering Department
The University of Calgary
2500 University Dr. NW
Calgary, Alberta, T1N 1N4 Canada
ulieru@ucalgary.ca
http://www.enel.ucalgary.ca/People/Ulieru/
Abstract. Positioned at the confluence between human/machine and hardware/software integration and backed by a solid proof of concept realized
through several scenarios encompassing e-Securities, e-Health, and e-Logistics
for global manufacturing and emergency response management, this work exploits latest advances in information and networking technologies to set a systematic framework for the design of the information infrastructures (coined as
AIIs - Adaptive Information Infrastructures) destined to fuel tomorrow’s eSociety. Designed following the natural laws of evolution, which merge selforganization and natural selection [38], these socially embedded information infrastructures can adapt to fulfill various needs as their environment demands.
Computational intelligence techniques endow the AIIs with learning and discovery capabilities, emulating social and biological behavior. AIIs are destined
to become an integral part of our life by supporting, rather than disturbing, a
framework that facilitates strategic partnerships while providing greater userfriendliness, more efficient services support, user-empowerment, and support
for human interactions.
Keywords. distributed artificial intelligence, information infrastructures, emergency response management, e-Health, Cybersecurities, emergence, selforganization, evolution
1 Rationale
Today’s electronic information technologies are linking our world, enabling partnerships otherwise impossible in all areas of our life. From e-Commerce and e-Business
to e-Learning and e-Health the economic strategies as well as the routine professional
practices have been irreversibly contaminated with the spice of electronic connectivity. Supported by this technological leverage, new paradigms have emerged with models that are dynamic, autonomous, self-organizing and proactive, generically coined as
‘intelligent’. In particular Multi-Agent Systems (MAS) have changed the software
world, and with it the world of information technologies. With the reasoning encapsulated in societies of software agents, having a life of their own in Cyberspace, the Internet becomes a dynamic environment through which agents move from place to
place to deliver their services and eventually to compose them with the ones of other
agents, just like people cooperate, by exchanging services and/or putting together
their competencies in a larger, more complex service.
With this the dawn of the e-Economy is already upon us and as direct consequence
the e-Society emerges as a parallel world of information, where people ‘cloned’ as
agents are ‘living’ in a virtual universe, emulating our games in all aspects of life, be
they economic, financial, business, school or health related, or even just-for-fun, in
computer games. Paradigm shifts abound in our world, shaping our lives more and
more dramatically. Building on the power of distributed intelligence on the web they
swing the driving forces of our economy from competition to cooperation, from individualism to strategic partnering, from power-from-information to authority-fromwisdom, from fear to trust (and, sometimes, vice versa). To secure our future we need
to act quickly to take these developments in a safe direction that guarantees the hidden dangers of these technologies are superceded by its positive effects meant to improve our lives. All the right questions spanning ethical and societal concerns have to
be posed before our lives immerse into such e-systems to ensure a safe environment is
created.
In today’s dramatic context there is an acute need for such new techniques capable
to deal with critical aspects such as emergency response management, network, information and national security enhancement, population health and quality of life
improvement, etc. In spite of the tremendous progress made by researchers to enable
the electronic communication space (be it networked or wireless) to become a Dynamic Service Environment1 (DSE) supporting all aspects of life, from business and
commerce to education and health, society is stagnant, still using the old ways while
these tremendous IT advances are not applied. Elderly and remotely located people
without possibility of transportation still live in isolation. New threats test us continuously calling for new ways to cope with emergency and crisis situations and for tools
that are more dynamic, anticipative and adaptive in real-time. To build more immunity for our world in coping with unexpected disasters (be they natural, such as earthquakes, floods, hurricanes or man-made ones such as oil spills in the ocean, terrorist
attacks, etc.) and more recently health emergencies posed by highly contagious diseases (bird flu, SARS, mad cow, etc.) it is of the essence to unleash the power of IT.
In such crisis situations there is a high need to react quickly in a reasonable, efficient
way to restore the effects of the crisis.
To meet this need we propose a systematic approach to the design and implementation of such dynamic environments supporting coalition formation, which we refer
to as adaptive information infrastructures (AII). AIIs could glue together the best organizations capable to cooperate in the timely solving of a crisis, and support the coordination of activities across such an extended cooperative organization, getting clarity to emerge from the fog of information and help make the best decisions out of the
crisis chaos.
1
www.agentcities.org (The Global Agentcities Task Force has the mandate to bring together
forces from all continents in a common effort to develop the dynamic infrastructures of tomorrow’s ‘alive’-Web.)
2 State of the art in the design of adaptive information
infrastructures
Future information systems will use ambient intelligence to create collaborative ecosystems of stationary and mobile devices, such as mobile phones, PDAs, personal
mobile gateways, portable players and personal storage devices [1]. These ecosystems
will form an environment that supports complex interactions between distributed systems. Multi-agent technology is an excellent candidate for realizing such an environment, but requires the development of methods and technologies for its control,
maintenance and evolution. Organization is crucial to this dynamic environment because groups of agents need to communicate with each other and self-organize to
meet their objectives.
As information systems become more complex, it is increasingly difficult to manage them using traditional approaches based on centralized and pre-defined control
mechanisms. The dynamic configuration of loosely combined artifacts and services
puts new requirements on middleware and frameworks, which need to be more adaptive and responsive in real time. One example of a new architectural approach is open
resource coalition as a shared infrastructure that automates configuration decisions
given a specification of the user's task [2]. They use (like most approaches [3], [4])
analytical models to make near-optimal configuration decisions.
As open-resource coalitions, shared infrastructures are:
 pervasive/ambient, available everywhere as an integral part of the environment;
 intelligent, in the sense that people will react and respond to AIIs as they would to
a human being;
 adaptive, with their behavior changing in response to actions in the environment;
and
 anticipatory, meaning they can anticipate an attack without conscious mediation.
Given their characteristics, AIIs call for a complex approach to their design. Recently,
models from biology, the physical world, chemistry and social systems have inspired
scholars to seek ways to more efficiently manage complex information ecosystems
[5]. However, even the most sophisticated approaches [6] do not consider the ecosystem’s interaction with other systems, which would induce evolution through selection.
To influence the development of this technology in a human-friendly way our approach builds on the natural laws/patterns of self-organization according to which
adaptive / intelligent systems emerged in the process of universes’ evolution [7].
3 Approach
Our approach [8] addresses this by enabling information infrastructures for various
applications. For example, for global production integration [9], we developed a
methodology for dynamic resource management and allocation across distributed
(manufacturing) organizations [10], [11]. The approach integrates multi-agent technology with the holonic paradigm proposed by A. Koestler in his attempt to create a
model for self-organization in biological systems [12]. A holonic organization is cre-
ated (see Fig. 1, [13]) as a nested hierarchy, referred to as holarchy, of collaborative
entities (e.g. resources, people, departments, sections or enterprises) linked through an
information infrastructure that defines several levels of resolution [14]. Each entity is
a holon and is modeled by a software agent [9] with holonic properties—that is, the
software agent may be composed of other agents behaving in a similar way, but performing different functions at lower levels of resolution.
The flow of information and matter across a holonic organization defines several
levels of granularity (Fig. 1) across which we integrate the mechanism of emergence
to enable the dynamic creation, refinement and optimization of flexible ad-hoc AIIs as
coordination backbones for the distributed organization, capable to bring together the
best resources available (within reach) depending on the needs of the particular crisis
to be addressed.
Emergence involves selforganization of the systems
and
natural
selection
through interaction with
other systems. We integrate
emergence into the holonic
paradigm [15] to create, refine and optimize AIIs.
Self-organization is achieved by minimizing the entropy measuring the fuzzy
information spread across
Fig. 1. Holonic Enterprise Model (from [13])
the multi-agent system [10].
This will cluster the resources (agents), ensuring interaction between the system’s
parts to reach its objectives timely, efficiently and effectively. Evolution is enabled by
interaction with external systems (agents); for example, via a genetic search in cyberspace that mimics mating with most fit partners in natural evolution [16] or by means
of dynamic discovery services [17].
Embedding and intelligence are essential in our vision. Besides the physical embedding facilitated by miniaturizing and by reducing technology costs, as socially
embedded information infrastructure AIIs are destined to become an integral part of
our life by supporting, rather than disturbing, a framework that facilitates strategic
partnerships among ‘cyber-highway enabled’ participants while providing greater user-friendliness, more efficient services support, user-empowerment, and support for
human interactions. Intelligence can range from context-awareness, to more personalized and adaptive systems. In this vision, people will be immersed in such intelligent
and intuitive infrastructures embedded in everyday objects in an environment recognizing and responding to the presence and needs of individuals in a seamless way.
4 Our Previous Results in the implementation of AIIs
4.1
AIIs for global manufacturing
Our work with the Holonic Manufacturing Systems (HMS) consortium demonstrated that this methodology is very useful for global supply chain management systems that
integrate collaborative workflow
techniques [18]. Within this context
AIIs can be viewed as information
ecosystems composed of collaborative but autonomous holons Fig. 2
working e.g. to create a new product by merging several specialized
companies and coordinating their
efforts, Fig. 3 (from [18]).
The interaction between distributed enterprises, with their suppliers
and customers is modeled
Fig. 2. Global Manufacturing Holarchy
at the multi-enterprise levSupplier 1
Company 1 Customer 1
el. The enterprise level
Supplier 2
Company 2 Customer 2
hosts co-operation between
Supplier 3
Company 3 Customer 3
entities belonging to one
Multi Enterprise Layer
organization, the sales offices and the production
sites. The distributed manFactory 1
Sales 1
ufacturing control within a
Factory 2
Sales 2
production site or shop
Factory 3
Sales 3
floor is handled by the
shop floor level. Here the
Enterprise Layer
entities are distributed
work areas working together and in co-operation,
Work area 1
in order to fulfill all orders
Work area 2
Work area 3
allocated to them. The
basic level (the Cell) modShop Floor Layer
els the interactions between equipments and
humans. In [18] we focused on a supply chain
scenario from the phone
manufacturing industry.
Atomic Holon Level
Fig. 3. Layers in Holonic Manufacturing
This approach can easily be expanded to any goods distribution networks (e.g. the
Wal-Mart supply chain).
4.2 Challenges in implementing AIIs for global manufacturing
The main challenges to be faced here pertain to the vertical integration between levels, where different ontologies have to communicate.
 The main barriers at the real-time control level result from the difficulty of implementing MAS concepts in a stochastic environment where hard real-time constraints must be met to achieve safe system operation.
 Need for optimal clustering (i.e. always group the best partners) – requires on-line
reconfiguration of the collaborative cluster to respond to changes in market demands as well as to the needs for maintaining optimal configuration.
 Need to balance the autonomy of each individual partner with the cooperative demands of the collaborative cluster – through negotiation that can range from simple
bidding (proposal and counter-proposal) to complex argumentation and persuasion
strategies. An example of the latest: the cluster sets a deadline and requirements to
coordinate among the partners while partners need to argue their position and integrate the deadline with their other priorities). The cluster sets the ‘rules of the
game’ through component protocols. Preferences can be captured via a utility function such that clustering best partners can be achieved via cost minimization.
 Need for safety. To achieve a safe system, typically two general concepts are used.
First, safety channels (i.e., fault monitoring and recovery code) are separated from
non-safety channels (i.e., control code). This decomposition technique is typically
referred to as the “firewall concept”. Second, redundancy is applied in the system
in the form of homogeneous redundancy where clones or exact replicas of code are
used (only to protect against random failures), or in the form of diverse redundancy
where different means are used to perform the same function (this protects against
random and systematic failures).
 Need to manage timing and precedence relationships while executing the distributed functions and tasks.
 Need for the system to be capable of arranging for compiling of the code into lowlevel application code and distributing of this application code to appropriate resources for execution.
 Need to enable the user to develop an application using basic and composite function blocks and application prototypes (templates) from a library.
 Need for monitoring and fault recovery. The purpose of monitoring is to ensure
that the control system performs as intended, or in other words, that no latent faults
occur. When monitoring for faults, the control system should watch for failures
(events occurring at specific times), and errors (inherent characteristics of the system). The types of responsibilities that our control system will have in this area are:
diagnosis of program execution, monitoring for exceptions that are thrown by function block code during execution, and monitoring the system state for inconsistencies (e.g., deadline control).
4.3
AIIs for Emergency Response Management
More recently, we successfully took the holonic concept out of the factory environment by designing a holonic framework suitable for emergency response applications
[19]. For this testbed the actors are either a policeman with a PDA, a firefighter with a
cell phone or even a helicopter sending real-time information about the traffic jams to
our planner holon. For example, it can indicate an optimal or improved route for
emergency vehicles to follow or even more, it will be able to instruct the policemen to
clear a road so the firefighters will be able to arrive to the building faster. In case of a
bigger disaster our system will be able to contact the hospitals in the zone and start
distributing the patients according to bed availability. The emergency AII is depicted
in Fig. 4 with three nested levels:
Inter-Enterprise Level: This is the level on which the emergency AII is formed. Each
collaborative partner is modeled as an agent that encapsulates those abstractions relevant to the particular cooperation. The “Emergency Mediator” handles the communication process between them. This will require the development of ontologies that
will handle the different kind of information exchange and also will allow the system
to be expanded.
Intra-Enterprise Level: Before an enterprise/organization can undertake responsibility for some subtask, it has to find out about its own internal resources to ensure that it
can deliver on time according to the coordination requirements of the ad-hoc created
collaborative cluster.
Atomic Autonomous Systems or Machine Level: The lowest level is the atomic autonomous systems or device/resource level, concerned with the control and coordination of distributed resources performing the work.
Planning and dynamic scheduling of resources on all levels of the emergency holarchy enable functional reconfiguration and flexibility via (re)selecting functional
units, (re)assigning their locations, and (re)defining their interconnections (e.g., rerouting around a fire crew, changing the functions of a multi-functional defense unit,
reallocating hospital beds to cope with the victims of the crisis, etc.).
Government Agencies
Police Department
Gas Company
Non Profit Org.
Hospital
Electricity Comp. Fire Department Telephone Comp.
Emergency Response Holarchy (Inter-Enterprise
Level)
Emergency Headquarters
Bio Hazard Department
Explosives Dep.
GPS Systems
Repair Service
Emergency Head
Fire Station
Equipment Dep.
Fire Department Holarchy (Intra-Enterprise Level)
Incident Commander
Officer-in-charge
Crane truck
Fire truck
Ambulance
Doctor
Fire Fighter
Interactive PDA
Fire Station Holarchy (Atomic Autonomous Systems)
Fig. 4. Emergency Response Holarchy (AII)
As emergent dynamic information infrastructures that are autonomous and proactive, AIIs can ensure ubiquitous (optimal) resource discovery and allocation while at
the same time self-organizing their resources to optimally accomplish the desired objectives. This is achieved through dynamic virtual clustering mechanisms acting on
each resource within the enterprise, cloned as an agent that abstracts those functional
characteristics relevant to the specific task assigned by the collaborative conglomerate
to each unit. Once a crisis arises an AII emerges clustering available resources (modeled as software agents) to deal with the situation optimally.
4.4
Challenges in Implementing AIIs for Emergency Logistics
 To find an optimal cluster is NP-hard. By exploiting heuristics/experiences we aim
to overcome the limitations of existing approaches, especially regarding the timely
response constraint required by emergency.
 In emergency logistics, where the scope of possible organizations/tasks/skills is not
restricted and/or predefined, it is difficult to express and code enough real world
semantics to permit a goal-driven and effective communication between levels.
Another crucial issue: to incorporate solid trust and reputation mechanisms in
agents (e.g. institutionalized power).
 In such dynamic, intrusive environments organizations need to be protected by
strong security mechanisms, exceeding today’s web-service deployment standards.
We will continue work with the FIPA ‘Securities’ Technical Committee on this issue. A possible solution is the electronic institution - a normative framework which
emulates regulatory mechanisms in real life social institutions. Such institutions
define and police norms that guide individual agents collaborating through AIIs.
These norms set acceptable actions that each agent can perform in connection to
the role(s) it plays and clearly specifies access restrictions on data according to
these roles.
5 New Applications of AIIs
5.1
Scalable Secure Web Based Services for e-Health
We propose a holonic framework suitable for e-health applications. In [20] we defined the concept of medical holarchy as an open evolutionary health system that is
highly self-organized and self-adaptive. The collaborative medical entities (patients,
physicians, medical devices, etc.) that work together to provide a needed medical service for the benefit of the patient, Fig. 5 – form a medical holarchy. The levels of a
medical AII are (Fig. 6):
 Inter-Enterprise: Hospitals, Pharmacies, Medical Clinics/Laboratories
 Intra-Enterprise: Sections/Units/ Departments of each medical enterprise
 Resource Level: Machines for medical tests, medical monitoring devices, information processing resources
In this system of collaborative
medical entities new devices and
services (Fig. 5) can integrate
themselves, offer their functionality to others and share data on a secure level. The complex interaction
of diagnosis, treatment and monitoring is made possible through
task planners and schedulers that
are distributed, automatic and selfconfiguring.
Fig. 5. Medical AII
Hospital
Medical Specialist
Family DocPharmacy
Ambulance
Patients tor
Clinic
Medical Lab.
Medical Holarchy (Inter-Enterprise Level)
Patient Scheduling
Prediction Expert Systems
Nurses
Medical Doctor Medical Assistant
Patient DataTesting Machine
Pharmacy
base
Clinic
Holarchy (Intra-Enterprise Level)
X-ray
EKG
Heart Beat
Automatic |Decision System
Blood pressure
Interactive PDA
Testing Machine Holarchy (Basic System Level)
Fig. 6. Medical Holarchy (AII)
A major issue in e-Health technology adoption is reconciliation of the various
standards of care across the continents. As well the security and privacy of electronic
medical records is of major significance and has proven to be the major brake that
slowed down the adoption of e-Health by major clinics around the world but especially in the North Americas. Therefore our goal is to develop a reusable framework for
secure high-performance web-services in e-health. As a testbed for the secure AII to
be developed we will use it to connect a network of medical experts that will collaborate via the AII to develop standards of care for glaucoma [24]. To enable the collaboration of highly specialized glaucoma surgeons located across the country we have
developed a telehealth approach [21] that involves a consensus analyzer synthesizing
expert opinions into standards of care [22].
Recently we successfully applied this concept to improve glaucoma monitoring
[23] with a security layer. This has encouraged us to expand the holonic concept to
other e-Health areas that require the dynamic creation of organizational structures and
workflow coordination, such as rescuing people after an accident or disaster. This is a
time critical operation that requires quick diagnosis, identification of the closest available hospital and knowledge of traffic conditions.
During an AII-enabled rescue operation, novel e-Health technologies can be used,
e.g. using biometric technologies [36] for patient authentication by a wireless fingerprint sensor that accesses their profile from a remote database. Depending on indicators such as blood pressure and the health history of the patient, a first diagnosis is
compiled using automated decision support systems [25]. Electronic logistics support
provides information about the next available and suitable hospital, initiate staff assembly and emergency room preparation, and provide on-the-fly patient check-in.
5.2
Challenges in Implementing e-Health AIIs
The main challenges to be addressed in the implementation of medical holarchies are:
 Need for development, dissemination and utilization of common communication
standards, vocabularies and ontologies. Unfortunately there is not much work in
this direction and we will intensify our influence in creation of appropriate eHealth ontologies by working with the standard bodies focused on e-Health. The
EU’s CEN/TC 251 aim is to achieve compatibility and interoperability between independent systems, to support clinical and administrative procedures, technical
methods to support interoperable systems as well as requirements regarding safety,
security and quality. The US standardization bodies, the American Society for
Testing and Materials’ Committee on Healthcare Informatics (ASTM E31) [26]
and Health Level Seven [27] are involved in similar work. ASTM E31 is developing standards related to the architecture, content, storage, security, confidentiality,
functionality, and communication of information while HL7 is mainly concerned
with protocol specifications for application level communications among health
data acquisition, processing, and handling systems. Existing ontologies are being
developed to meet different needs, each with its own representation of the world,
suitable to the purpose it has been developed for. There is as yet no common ontology. Of those that are being developed, OpenGALEN [28] provides a common
terminology that is currently of limited scope, while UMLS [29] lacks a strong organizational structure, and SNOMED [30] provides only diagnosis nomenclature
and codification.
 Besides the social acceptance of medical holarchies, professional acceptance – that
is by the medical doctors is a major issue. We hope that our scenarios will increase
the confidence of medical personnel in such technologies by proving their usefulness. Health care professionals are quite reluctant to accept and use new technologies. In the first place, they usually have a very busy schedule, so they lack the
time to be aware of the latest advances in technologies and how they could be used
to reduce their workload. They refuse to use new tools if they are not integrated
smoothly into their daily workflow. They also often mention the lack of time and
personnel to convert all the required medical data into an electronic format, so that
it can be easily accessed and managed 2. Some doctors also mention the "hype"
2
Medical records are usually hand written and distributed in different departments of a medical
centre.
built around Artificial Intelligence and, especially, expert systems, twenty years
ago, which did not live up to their expectations, and they may reasonably argue
that the "intelligent autonomous agent" paradigm, so fashionable today, may also
fail to deliver real world results.
We will address these challenges when developing the medical AIIs as a primary
response to the needs and requirements of today’s healthcare system, especially to the
need for ubiquitous access to healthcare services and ease of workflow management
throughout the medical system.
5.3
Holonic Cybersecurity System
Information infrastructures are critical to the functioning of society; however, they are
vulnerable because of threats and complex interdependencies [31]. New research in
this field needs to account for these security issues, which are crucial to future information systems and services. In this context, AIIs provide new dimensions to security:
 Reliability of critical infrastructure with survival capabilities, such as power and
water distribution.
 Resilience based on an anticipative environment that enables operation under continuous threats and attacks.
The issue of Cybersecurity is very difficult to tackle, given that nobody owns the
Internet and there is no single ‘command post’ to control its security. The status quo
regarding intrusion detection raises many challenges:
 Post attack information accumulates through many different organizations; therefore ID tools are unable to interact, making correlation of results difficult.
 Incident responses are local. There is no unified mechanism for analyzing such informational alerts and determine their implications/risk factor.
This places on the ‘wish list’ for security systems the following demands:
 ‘On-the-fly’ system configuration, requested by the continuous network changes
 Timely detection of all kinds of attacks
 Prevention (and counter-attack) in any network place
 Universal installation and maintenance
Most approaches to cybersecurity focus mainly on system protection against
known attacks [32], leaving it vulnerable to the myriad of creative intrusion-hackers
that produce new viruses daily. Given that today’s content inspection techniques use a
set of known signatures leaves the question ‘How can we deal with unknown attacks?’ still open.
Few approaches are taking an anticipative view, by emulating the way biological
organisms protect themselves [33], [34]. AIIs are networks with moving objects and
subjects ‘cloned’ as intangible agents in cyberspace. This vision of security cannot be
defined top-down. In this ever-changing environment, security policies must evolve
and adapt to suit the circumstances. Some of the requirements for the design of Cybersecurity mechanisms meant to protect our information are:




Coordination in analysis, alerts, incidents management, counteract and response;
Scalable, continuous running, fault tolerant, self-monitoring mechanisms;
Ability to detect new kind of attacks;
Ability to anticipate attacks;
To cope with these needs, we propose a holonic cybersecurity model that emulates
biological behavior by inducing immunity into the network or system under attack.
Much like Noria et.al. realize network immunity in [37], our system is organized as a
holarchy distributed throughout the network, Fig. 7. The AII will anticipate attacks by
activating specialized agents seeking the presence of intruders into the network,
Command Post (Security Policy)
Information Sharing
Coordination Policy
Learning PolicyPolicy Managers
Trust Policy
Security Holarchy (Inter-Enterprise Level)
Coordination Manager
Security Policy Manager
Personal Net Manager
Extranet Manager
Decision Support Intranet Manager Knowledge Base
Manager Layer (Intra-Enterprise Level)
Monitoring Agent
Detection Agent
Analysis Agent
Knowledge Base Agent
Coordination Agent
Policy Conversion Agent
Intranet Holarchy (Atomic Autonomous Systems)
Fig. 7. Cybersecurity Holarchy
similar to how antibodies fight viruses in biological systems.
At the highest level, the “Command Post” embeds the generic security policy for
an organization, which takes care of the following tasks:
 Crisis Management
 Coordinating with other organizations/government agencies
 Lower level systems management
 Shared information with trusted organizations
 Specifies which sets of network parameters should be analyzed by each entity in
the holarchy
In case of an unexpected attack, every command post in the security holarchy is
alerted, triggering fighter agents that specialize in eliminating attackers.
At the middle (inter-enterprise) level, ‘managers’ control specified agents to analyze and correlate data collected by them, whereas at the lowest level, local agents
monitor specified activities. Their main functions are:
 Understand network topology
 Analyze information given by Agents
 Make decisions depending on network topology and information given by other
managers and their agents
 Coordinate the ‘atomic’ agents (e.g. scheduling their operations)
 Manage the ‘atomic agents’ knowledge base updates and mediate information exchange with the ‘command post’ (Fig. 7).
Manager agents interact with the ‘atomic’ agents by:
 sending goals, derived from security policies;
 delegating specific functions of monitoring/detection and specifying the various
domains to monitor;
 gathering particular information, such as: the suspicion level of a particular user,
the list of events generated by a user, etc.;
 gathering relevant reports or analyses, and alarms.
The basic agents have the ‘mission’ to determine an initial attack by analyzing
low-level network events (‘local sniffers’). For this they carry on the following functions:
 Real-time monitoring of network packets;
 Full IP de-fragmentation and upper protocol data reassembly;
 Provide immediate information analysis in original environment, at that very instant and catching additional local data that might be required;
 Delay / block network traffic/ isolate segment suspected of ‘attack’
 Content inspection for security behavior violations
 Delete, modify suspicious/malicious content
Given that the holonic model (Fig. 7) is mirrored by the organization of wireless
networks (Fig. 8), the proposed holonic cybersecurity system encompasses both networked and wireless environments.
(WAN – wide area network; LAN – large area network; PAN – personal area network)
Fig. 8. Wireless holarchy
The holonic approach enables also a topology-oriented approach in which critical
points of action are identified where agents ‘migrate’ as needed. This enables in addition to the automatic detection of an attack, also attack localization as close as possible to its source. Agents must be able to isolate a specific network’s segments. Managers coordinate the activity of basic agents by moving the basic agents across differ-
ent network points in order to investigate what is the really “relevant” information and
how to extract quality from quantity.
The requirements for deploying and exchange of information are:
 It should be faster than suspicious code. This demands predefined quality of service (QoS) priorities (dedicated ‘traffic line’ for emergency services)
 The secure ‘tunnel’ between Managers, Agents and ‘Command Post’/Mediator
(Fig. 7) has to be ‘always ready’
 Self-deploying: ability to send mobile agent(s) in response to attack escalation
From an information gathering perspective, the task is huge, and characterized by the
following challenges:
 Huge data repository: millions of data streams go through dominant Internet node
points;
 Variable parameters due to network dynamics;
 Hundreds of parameters (data dimensions);
 ‘On-the-fly’ analysis opens a performance issue;
 Training time for large data sets may be high
This calls for advanced data mining capabilities, which can be incorporated into the
distributed intelligence of the holonic system, by the managers and local agents, as
follows.
Managers can deal with:
 Network Topology
 Collection of run-time abnormal information from the basic agents
 Collection of run-time information gathered from government and non-government
trusted organizations
 Implement the “Command Post” directives
The basic agents can deal with:
 Protocols packet headers
 Selective data content analysis – application data streams
 Network segments and hosts profiles
Computational intelligence techniques endow the cybersecurity AII with learning and
discovery capabilities. Neural networks can be used to learn:
 to detect anomaly (abnormal low-level network events; abnormal data stream content; abnormal behavior of hosts and network segments)
 to distinguish malicious traffic from normal traffic
 to update activity profiles of hosts and network segments
 to detect multi step attack scenarios
 to detect new classes of incidents
Fuzzy logic can encapsulate the strategy into linguistic rules. Examples of rules for
the ‘atomic’ agents are:
IF
(The number of total packets observed in the data collection interval for a
particular day/hour for the specific host == MEDIUM)
AND (The numbers of TCP connection attempts in this data collection interval for
a specific host == HIGH)
THEN “SYN_Flood” == MEDIUM-HIGH
IF
(The numbers of TCP connection attempts in this data collection interval for
a specific host == HIGH)
AND (The number of successfully established TCP connections in a time interval
for a specific host == LOW)
THEN “SYN_Flood” == HIGH
IF
(The numbers of TCP connection attempts in this data collection interval for
a specific host == HIGH)
AND (The number of incoming packets from a sole source == MEDIUM-HIGH)
THEN “SYN_Flood” == HIGH
Examples of rules for managers:
IF
(The number of agents reporting about the MEDIUM SYN-Flood attack ==
LOW-MEDIUM)
AND (These agents resided according to the “sheaf” topology == MEDIUM)
THEN “SYN_Flood” == HIGH
IF
(The number of agents reporting about HIGH SYN-Flood attack == LOW)
AND (HOPs number between these agents ==LOW)
AND (HOPs number between reporting agent and possible attacked host ==LOW)
THEN i “SYN_Flood” == HIGH
As opposed to today’s intrusion detection systems, the proposed model encompasses a broader vision of Cybersecurity, which can be expanded to a national or even
global Cybersecurity system. (In this vision, at the top holarchic level an ‘organization’ can be a country or even the planet.) Although all system’s entities use intelligent decision making techniques which ensure automatic response to intrusion such
capabilities will enable to mainly ‘buy time’ in taking low-level (non-critical) decisions. Human intervention is still required to make critical decisions and takes place
through interactions between the security officer and security policy manager agent/
extranet manager agent. It ensures the reception of specifications and requests from
the security officer such as which security policies to apply. It enables the delivery of
security reports and alarms when an attack is detected. The security officer can also
ask for additional information (e.g. asking for the current security state of the network
or the list of suspicious users).
5.4
Security-related challenges
 Can a trusted access capability be built into security protected environments, enabling emergency help (medical, fire brigade and police) to intervene when lifecritical help is at stake?
 How can we decide on the appropriate policies, strategies, architectures and allocation of resources in the absence of an assumed rationale for threat?
 Across an open, large community, how can knowledge be securely exchanged over
time, as the community evolves and data and trust change?
 How can we manage the security associated with spontaneous cooperation without
imposed or predefined fixed roles and rules?
 Can the ideal of running secure applications on an insecure network be reached?
Can we include liability in the design rationale?
5.5
Generic Challenges in AII research and development
Some of the difficult questions posed by this research are:
 Can pathological emergent behavior of the total system, arising from the interactions between people, agents, objects, and their various policies, be avoided?
 How do we translate the interaction of agents in different contexts and environments into machine understandable language?
 How do we express and code sufficient real world semantics when the scope of interaction between agents is too broad or not predefined [35]?
There are many challenges in realizing AIIs. Highly interdisciplinary research
(e.g., industrial engineering and control systems, distributed artificial intelligence and
logic programming, information systems and communication technologies) is required to develop and implement dynamic services for a networked economy. We
hope that the proposed research will succeed in tackling these complex developments
with appropriate solutions emerging.
6 Conclusions
This research aims to create a theoretical foundation for the design of adaptive information infrastructures (AIIs) enabling and sustaining tomorrow’s e-Society, as well as
envision various areas of application for such AIIs, that would improve human life.
The recent theoretical results obtained by us in modeling the property of emergence in
self-organizing systems were refined and expanded with other recent results to create
a model of emergence in Cyberspace, by this setting a foundation for the development
and emergence of AIIs mirroring biological behavior.
The principal merit of the proposed holonic AII architecture is that it provides an
environment that can react appropriately to highly unpredictable situations. By using
natural models of emergence, much in the same manner as DNA is controlled in genetic engineering, we will be able to control the emergence of AIIs as crises arise. AIIs will address the emergency quickly, efficiently and most appropriately. Once a goal
is set (where a certain need has to be fulfilled), the AII self-organizes to accomplish
this goal optimally.
AIIs are applicable to a wide range of problems requiring timely configuration and
coordination of distributed resources needed to address emergency situations, such as:
disaster emergency logistics (evacuation planning, scheduling of emergency relief
crews, food and water distribution, hospital bed planning); national defense and security (emergence of military AIIs as infrastructure for coordination of military opera-
tions in case of an unexpected attack);Cybersecurities (network and information securities); ubiquitous ad-hoc healthcare (emergence of medical AIIs grouping the most
suitable medical entities able to cooperate and organize their interaction to respond
adequately to patient’s need; medical emergency logistics with patient information retrieval and heterogeneous transaction workflow management throughout the medical
organization); fault-tolerant flexible production (emergent planning and scheduling of
reconfigurable manufacturing production; customer-centric supply chain and workflow management; fault tracking and error reporting across the manufacturing organization).
Our future work will focus on the design of a reference model that enables the
quick deployment of AIIs for emergency applications. We will investigate new areas
of application, such as: how the AII approach can be used to provide advance warning
of an impending health epidemic (e.g. bird flu, SARS) based on simultaneous agent
monitoring of multiple hospital emergency room activity and how could a similar approach help prevent communication network outages by agent monitoring of network
traffic on various routers. We will expand our previous results on global production
integration, to other manufacturing areas, such as continuous monitoring of various
processes and pipelines to predict changes in delivery schedules or unanticipated
maintenance of equipment. We will continue to lead the development of international
standards in AIIs design within international standards bodies such as the Foundation
for Intelligent Physical Agents (FIPA), and the Intelligent Manufacturing Systems
Consortium (IMS).
References
[1] Proceedings of the ‘Ambient Intelligence: First European Symposium’, EUSAI 2003,
Veldhoven, the Netherlands, November 2003, E. H. L. Aarts (Editor), Springer-Verlag
New York, Incorporated, ISBN 3-540-20418-0 / 3540204180.
[2] Vahe Poladian, Joao Pedro Sousa, David Garlan, and Mary Shaw, Dynamic configuration
of resource-aware services, Proceedings of ICSE 2004, May 23-28, 2004, Edimburgh.
[3] M. Pechoucek, V. Marik, J. Barta, Knowledge Based Approach to Operations-Other-ThanWar Coalition Formation, IEEE Tr on Intelligent Systems, Special Issue on Coalition Operations, 2002.
[4] Track on Coalition Formation, Proceedings of AAMAS 2003, July 16-18, 2003, Melbourne, Australia.
[5] Proceedings of International Workshop on Engineering Self-Organizing Applications,
AAMAS 2003, July 15, Melbourne, Australia.
[6] Sven Brueckner, H. Van Dyke Parunak: Resource-aware exploration of the emergent dynamics of simulated systems, Proceedings of AAMAS 2003: 781-788.
[7] Stuart Kaufmann, Investigations, Oxford University Press, ISBN 0-19-512104-X
[8] Mihaela Ulieru, “Emergence of Holonic Enterprises from Multi-Agent Systems: A FuzzyEvolutionary Approach”, Invited Chapter in Soft Computing Agents: A New Perspective on
Dynamic Information Systems, (V. Loia – Editor), IOS Press -Frontiers in AI and Applications Series 2002, ISBN 1 58603 292 5, pp. 187-215.
[9] Mihaela Ulieru, “Modeling Holarchies as Multi-Agent Systems to Enable Global Collaboration”, Proceedings of the IEEE Computer Society Press – 13th International Conference
and Workshop on Database and Expert Systems Applications (DEXA 2002), September 26, 2002, Aix-en-Provence, France, pp. 603-608, ISBN 0-7695-1668-8, Order # PRO1668.
[10] Mihaela Ulieru, Dan Stefanoiu and Douglas Norrie, “Holonic Metamorphic Architectures
for Manufacturing: Identifying Holonic Structures in Multi-Agent Systems by Fuzzy Modeling”, Invited Chapter in Handbook of Computational Intelligence in Design and Manufacturing (Jun Wang & Andrew Kussiak – Editors), CRC Press 2000, ISBN No 0-84930592-6, pp. 3-1 – 3-36.
[11] Mihaela Ulieru and Dan Stefanoiu, “Holonic Self-Organization of Multi-Agent Systems by
Fuzzy Modeling with Application to Intelligent Manufacturing”, IEEE-SMC 2000, Nashville, USA, October, pp. pp. 1661-1666 – with Dan Stefanoiu – postdoctoral fellow and
Douglas Norrie.
[12] Arthur Koestler, The Ghost in the Machine, MacMillan, 1968.
[13] Christensen, James H., Holonic Manufacturing Systems: Initial Architecture and Standards
Directions, in Proceedings of the First European conference on Holonic Manufacturing
systems, European HMS Consortium, Hanover, Germany, 1994.
[14] Mihaela Ulieru, Scott Walker and Robert Brennan, “Holonic Enterprise as a Collaborative
Information Ecosystem”, Workshop on “Holons: Autonomous and Cooperative Agents for
the Industry”, Autonomous Agents 2001, Montreal, May 29, 2001, pp. 1-13.
[15] Mihaela Ulieru, “A Fuzzy Mathematics Approach to Modeling Emergent Holonic Structures”, Invited Chapter in Geometry, Continua and Microstructures, pp. 241-255, Academic Press, 2002 – ISBN 973-27-0880-8.
[16] Mihaela Ulieru and Silviu Ionita, “Soft Computing Techniques for the Holonic Enterprise”, FLINT 2001, M. Nikravesh and B. Azvine (Eds.), New Directions in Enhancing the
Power of the Internet, UC Berkeley Electronics Research Laboratory, Memorandum No.
UCB/ERL M01/28, August 2001. pp 182-187.
[17] LARKS: Dynamic Matchmaking Among Heterogeneous Software Agents in Cyberspace,
K. Sycara, S. Widoff, M. Klusch and J. Lu, Autonomous Agents and Multi-Agent Systems,
Volume 5, No. 2, June 2002, Kluwer ISSN 1387-2532.
[18] Mihaela Ulieru and Mircea Cobzaru, “Building Holonic Supply Chain Management Systems: An e-Logistics Application for the Telephone Manufacturing Industry”, IEEE Transactions on Industrial Electronics, December 2004 (accepted).
[19] Mihaela Ulieru and Rainer Unland, “Emergent e-Logistics Infrastructure for Timely
Emergency Response Management by Collaborative Problem-Solving with Optimized Resource (Re)Allocation”, invited chapter in Engineering Self-Organising Systems - Nature-Inspired Approaches to Software Engineering, Di Marzo Serugendo, G.;
Karageorgos, A.; Rana, O.F.; Zambonelli, F. (Editors), Springer Verlag, 2004, X,
299 ISBN: 3-540-21201-9, pp. 139-156.
[20] Mihaela Ulieru, “Internet-Enabled Soft Computing Holarchies for e-Health Applications”,
in New Directions in Enhancing the Power of the Internet, (L.A. Zadeh and M. Nikravesh
– Editors), pp. 131-166, Springer Verlag, Berlin, 2003.
[21] Mihaela Ulieru and Alexander Grabelkovsky, “Telehealth Approach to Glaucoma Progression Monitoring”, International Journal of Information Theories and Applications 10(3),
2003, ISSN 1310-0513, pp. 326-330.
[22] Mihaela Ulieru and Marcelo Rizzi A Cooperative Approach to the Development of Expert
Knowledge Bases Applied to Define Standard of Care in Glaucoma, Proceedings of CoopIS 2003, Catania, Sicily, Nov. 3-7, 2003, pp. 235-243, Springer Verlag Lecture Notes in
Computer Science LNCS 2888.
[23] Mihaela Ulieru, Soft Computing Agents for e-Health, NAFIPS 2004 (North-American
Fuzzy Information Processing Society) International Conference, Banff, Canada, June 2730 (accepted).
[24] Mihaela Ulieru and Adam Geras, “Emergent Holarchies for e-Health Applications – A
Case in Glaucoma Diagnosis”, Proceedings of IECON 2002 – 28th Annual Conference of
the IEEE Industrial Electronics Society, November 5-8, 2002, Seville, Spain, ISBN 0-
7803-7475-4, pp. 2957-2962, (proceedings on CD-Rom, IEEE Catalog Number
02CH37363.)
[25] Mihaela Ulieru, "Fuzzy Logic in Diagnosis: Possibilistic Networks" invited Chapter in
Fuzzy Logic (J. Baldwin) John Wiley &Sons, 1996, ISBN 0471 962813, pp.135-177.
[26] ASTM E31 - http://www.astm.org/COMMIT/ COMMITTEE/E31.htm
[27] HL7 (Health Level 7) - http://hl7.org
[28] OpenGALEN: http://www.opengalen.org
[29] UMLS: http://www.nlm.nih.gov/research/umls
[30] SNOMED: http://www.snomed.org
[31] Tom Berson, Sun Tzu in Cyberspace: The Art of Information Warfare, Keynote Address at
the Cybersecurity 2003 Conference, May 20, Foster City, CA, USA.
[32] Yuefei Xu, et. al., A Security Framework for Collaborative Distributed Systems Control at
the Device Level, Proceedings of the 1st IEEE International Conference on Industrial Informatics, Banff, Canada, August 21-24, 2003 (M. Ulieru, R. Unland, A. Weaver, Editors),
ISBN 0-7803-8200-5, pp. 192-199.
[33] D. L. Chao and S. Forrest, Information Immune Systems, International Conference on Artificial Immune Systems (ICARIS). pp. 132-140 (2002)
[34] N. Foukia, S. Fenet, S. Hassas and J. Hulaas, "An Intrusion Response Scheme: Tracking
the Alert Source using a Stigmergy Paradigm", in Proceedings of the 2nd International
Workshop on Security of Mobile Multiagent Systems (SEMAS-2002), AAMAS 2002,,
Bologna, Italy, July 16, 2002.
[35] Tim Kindberg and Armando Fox, Systems Software for Ubiquitous Computing, IEEE on
Pervasive Computing, Jan-Mar 2002, pp. 70-81.
[36] http://www.biometrics.org
[37] Noria Foukia and Salima Hassas and Serge Fenet and Paul Albuquerque, "Combining
Immune Systems and Social Insect Metaphors: A Paradigm for Distributed Intrusion Detection and Response System" in Proceedings of Mobile Agents for Telecommunication
Applications, 5th International Workshop, MATA 2003, Marakech, Morocco, October 810, 2003
[38] Stuart Kaufmann, At Home in The Universe: The search for the laws of self organization
and complexity, New York: Oxford University Press, 1995
Download